Another point is that security practitioners are very good at talking about security...amongst themselves. We need to do a better job at bringing the security message to a wider audience. We need to be talking to the stakeholders as well as the programmers and so forth. If we cannot successfully articulate the message of security to a wider audience then we are of limited utility.
We need to do a better job go tackling the corner cutters as well as making sure that we are getting the message heard. It serves no one to sit in a darkened room listing to Front 242 and lamenting that no one understands us.
Sign up for Computerworld eNewsletters.